Posts made in April, 2013

Sudopot – The Sudo Honeypot – Barak Tawily

After I took control of a Linux machine, we want to do a privilege escalation, and get a root. So i started thinking how i gonna do it and i found a way to get the root password by faking the sudo command. If i would fake the sudo command, and abuse it when the user would want to execute some application as sudo, it will ask him for a root password,then the root password will send to the...

read more

Hack & Beer 0×03

Hack & Beer 0×03

Hack & Beer 0×03 is coming up! This time we’ll tackle reverse engineering and debugging around in Win x86 and 64. This time, you can practice while hearing us talk about it right there with your laptop! Learn new and cool tricks of viewing what’s behind that binary file, finding a key for that program or just bypass into some other closed section of the program. This time...

read more

Preparations for OpIsrael

Preparations for OpIsrael

Many articles and reports have been written regarding the immanent threat of AnonGhost on Israel. The attack, which have already started, should peak at the 7th of April 2013. We have decided to take a more pragmatic approach and prepare our servers. Obviously, we are running Linux and using IPTables as our protection. So, here you have it, our little script to help you avoid and block at least...

read more

mimikatz – Clear Text Passwords

mimikatz – Clear Text Passwords

WDigest is a DLL first added in Windows XP that is used to authenticate users against HTTP Digest authentication and Simple Authentication Security Layer (SASL) exchanges. Both of these require the user’s plain-text password in order to derive the key to authenticate—thus why it is stored in plain-text. Mimikatz is a slick tool that pulls plain-text passwords out of WDigest (explained below)...

read more